<?

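  // Page bootstrap: configure error output, require the `user` cookie, load the
  // account record for that cookie value, then emit the shared page header.
  //
  // NOTE(review): display_errors is switched on here, so any warning or notice
  // (file paths, query fragments) is rendered to the visitor. Confirm this is
  // disabled outside development and that errors go to a log instead.
  // NOTE(review): this file relies on short open tags (`<?`). If
  // short_open_tag is off on the server, the PHP source is sent to the
  // browser as plain text.
  error_reporting(E_ALL);
  ini_set('display_errors', 1);

// NOTE(review): the identity is taken directly from the client-supplied `user`
// cookie. Nothing visible in this file verifies it (no signature, no
// server-side session), so confirm that the cookie issuer or
// controller.inc.php binds it to an authenticated session.
// is_string() rejects array-shaped cookies (user[]=...), which empty() alone
// lets through to the lookup below.
if (empty($_COOKIE['user']) || !is_string($_COOKIE['user'])) {
  header('Location: index.php');
  // header() only queues the redirect. Without exit the rest of the page,
  // including the account form, is still generated and sent.
  exit;
}

include_once 'controller.inc.php';
$db_link = db_connect();
$user = db_getUserByEmail($_COOKIE['user']);
db_disconnect($db_link);

// Presumably db_getUserByEmail() returns a falsy value when no account
// matches (verify in controller.inc.php). Objects are always truthy, so this
// guard only triggers when the lookup produced nothing usable.
if (!$user) {
  header('Location: index.php');
  exit;
}

include 'header.inc.php';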

?>

  <h1>Edit Account Information</h1>  

<?
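// Status banners driven by query-string flags set by the form handlers.
//
// `success` is split on '_' and its first two parts are printed as
// "<part0> <part1> successfully.". The value is attacker-controllable (anyone
// can craft the link), so both parts are HTML-escaped before output.
// NOTE(review): escaping stops markup injection, but the banner text is still
// chosen by whoever built the URL. An allow-list of known values would remove
// that too, though the set of valid values is not visible in this file.
if (isset($_GET['success']) && is_string($_GET['success'])) {
  // is_string() rejects success[]=..., which explode() cannot handle.
  $success_info = explode('_', $_GET['success']);
  $subject = $success_info[0];
  // A value without '_' has no second part; print an empty one instead of
  // raising an undefined-offset notice.
  $verb = isset($success_info[1]) ? $success_info[1] : '';
  echo '<p class="success">'
    . htmlspecialchars($subject, ENT_QUOTES, 'UTF-8') . ' '
    . htmlspecialchars($verb, ENT_QUOTES, 'UTF-8')
    . ' successfully.</p>';
}

// `failure` is only compared against fixed strings and never echoed, so it
// needs no escaping. Strict comparison keeps non-string input from matching.
if (isset($_GET['failure'])) {
  if ($_GET['failure'] === 'password') {
    echo '<p class="error">Old password incorrect.</p>';
  } elseif ($_GET['failure'] === 'auth') {
    echo '<p class="error">Unauthorized action.</p>';
  }
}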
?>
  
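  <?php
  // Account edit form, posted to update_user.php.
  // Every stored field is HTML-escaped before it is placed in a value="..."
  // attribute. Unescaped, a quote character in a saved name, address or phone
  // number would break out of the attribute and inject markup into the page.
  // NOTE(review): no anti-CSRF token is visible in this form. Confirm that
  // update_user.php verifies one or otherwise checks the request origin.
  // NOTE(review): the hidden `id` field is client-editable. The handler
  // should take the account from the authenticated identity, not this field.
  ?>
  <form name="edit_user" action="update_user.php" method="post" onsubmit="return validate()">
    <p>
      <label for="name">Name:</label><br/>
      <input type="text" name="name" id="name" value="<?= htmlspecialchars((string) $user->getName(), ENT_QUOTES, 'UTF-8') ?>">
    </p>
    <p>
      <label for="email">Email Address:</label><br/>
      <input type="email" name="email" id="email" value="<?= htmlspecialchars((string) $user->getEmail(), ENT_QUOTES, 'UTF-8') ?>">
    </p>
    <p>
      <label for="address">Address:</label><br/>
      <input type="text" name="address" id="address" value="<?= htmlspecialchars((string) $user->getAddress(), ENT_QUOTES, 'UTF-8') ?>">
    </p>
    <p>
      <label for="phone">Phone Number:</label><br/>
      <input type="text" name="phone" id="phone" value="<?= htmlspecialchars((string) $user->getPhone(), ENT_QUOTES, 'UTF-8') ?>">
    </p>
    <input type="hidden" name="id" value="<?= htmlspecialchars((string) $user->getID(), ENT_QUOTES, 'UTF-8') ?>">
    
    <p><a href="edit_password.php">Edit Password</a></p>
    
    <p><input type="submit" name="action" value="Edit Info">
    or
    <a href="dashboard.php">Cancel</a></p>
  </form>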
  
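  <?php
  // Account deletion form, posted to delete_user.php.
  // The id is HTML-escaped like every other value written into an attribute.
  // NOTE(review): this is a destructive action guarded only by a JavaScript
  // confirm() and a client-editable hidden `id`. No anti-CSRF token is
  // visible. Confirm that delete_user.php checks a token and deletes only the
  // authenticated user's own account.
  ?>
  <form name="delete_user" action="delete_user.php" method="post" onsubmit="return confirm_deletion()">
    <input type="hidden" name="id" value="<?= htmlspecialchars((string) $user->getID(), ENT_QUOTES, 'UTF-8') ?>">
    <p><input type="submit" name="action" value="Delete Account"></p>
  </form>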

<script type="text/javascript">
/**
 * onsubmit handler for the `edit_user` form.
 *
 * Blocks submission (returns false) and alerts when the email field is empty.
 * Otherwise it falls through and returns undefined, which lets the browser
 * submit the form.
 *
 * This is a usability check only: it runs in the browser and can be bypassed,
 * so the form's server-side target still has to validate the email itself.
 */
function validate() {
  var address = document.forms['edit_user']['email'].value;
  var missing = (address == null) || (address == '');

  if (!missing) {
    return;
  }

  alert('Email address required.');
  return false;
}

/**
 * onsubmit handler for the `delete_user` form.
 *
 * Asks the user to confirm. Returns false (cancelling the submit) when they
 * decline, and undefined (allowing the submit) when they accept.
 *
 * The prompt protects against accidental clicks only. It is not an
 * authorization control, so the server must still decide whether the deletion
 * is allowed.
 */
function confirm_deletion() {
  if (confirm('Are you sure you would like to delete this account?')) {
    return;
  }
  return false;
}
</script>

<?

// Emit the shared page footer. The path is a fixed literal, not request data.
include 'footer.inc.php';

?>
